From 2ab9f5784f41d6f422c3f80da7c56aefa3ec38ca Mon Sep 17 00:00:00 2001
From: "sdwilsh%shawnwilsher.com" <sdwilsh%shawnwilsher.com>
Date: Mon, 2 Jul 2007 22:36:41 +0000
Subject: [PATCH] Bug 365166 - crash [@ strlen] calling
 mozIStorageStatement::getColumnName of a statement created with "PRAGMA
 user_version" or "PRAGMA schema_version".  Patch by Nickolay Ponomarev
 <asqueella@gmail.com>.  r=sdwilsh

---
 storage/src/mozStorageStatement.cpp  |  6 ++---
 storage/test/unit/test_bug-365166.js | 37 ++++++++++++++++++++++++++++
 2 files changed, 39 insertions(+), 4 deletions(-)
 create mode 100644 storage/test/unit/test_bug-365166.js

diff --git a/storage/src/mozStorageStatement.cpp b/storage/src/mozStorageStatement.cpp
index 7283a76cbee..c8ac2efaf55 100644
--- a/storage/src/mozStorageStatement.cpp
+++ b/storage/src/mozStorageStatement.cpp
@@ -142,10 +142,8 @@ mozStorageStatement::Initialize(mozIStorageConnection *aDBConnection, const nsAC
 
     for (unsigned int i = 0; i < mResultColumnCount; i++) {
         const void *name = sqlite3_column_name16 (mDBStatement, i);
-        if (name != nsnull)
-            mColumnNames.AppendString(nsDependentString(NS_STATIC_CAST(const PRUnichar*, name)));
-        else
-            mColumnNames.AppendString(EmptyString());
+        mColumnNames.AppendString(
+            nsDependentString(NS_STATIC_CAST(const PRUnichar*, name)));
     }
 
     // doing a sqlite3_prepare sets up the execution engine
diff --git a/storage/test/unit/test_bug-365166.js b/storage/test/unit/test_bug-365166.js
new file mode 100644
index 00000000000..464061c4539
--- /dev/null
+++ b/storage/test/unit/test_bug-365166.js
@@ -0,0 +1,37 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/licenses/publicdomain/  */ 
+
+// Testcase for bug 365166 - crash [@ strlen] calling
+// mozIStorageStatement::getColumnName of a statement created with
+// "PRAGMA user_version" or "PRAGMA schema_version"
+function run_test() {
+  test('user');
+  test('schema');
+
+  function test(param)
+  {
+    var colName = param + "_version";
+    var sql = "PRAGMA " + colName;
+
+    var file = Components.classes["@mozilla.org/file/directory_service;1"]
+                         .getService(Components.interfaces.nsIProperties)
+                         .get("TmpD", Components.interfaces.nsIFile);
+    file.append("bug-365166.sqlite");
+    var storageService = Components.classes["@mozilla.org/storage/service;1"].
+                         getService(Components.interfaces.mozIStorageService);
+    var conn = storageService.openDatabase(file); 
+    var statement = conn.createStatement(sql);
+    try {
+      // This shouldn't crash:
+      do_check_eq(statement.getColumnName(0), colName);
+
+      // OK, if the above statement didn't crash, check that initializing a
+      // wrapper doesn't crash either:
+      var wrapper = Components.classes["@mozilla.org/storage/statement-wrapper;1"]
+                              .createInstance(Components.interfaces.mozIStorageStatementWrapper);
+      wrapper.initialize(statement);
+    } finally {
+      statement.reset();
+    }
+  }
+}